Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Wi2grpYaptoLG2GwhgcoceGPcA4.roa
File: Wi2grpYaptoLG2GwhgcoceGPcA4.roa (raw, json)
Hash identifier: qEWn6BwBXEb2GzMKKD6DC1NpA+QU02YN6ZBwbdy+1ms=
Subject key identifier: 5A:2D:A0:AE:96:1A:A6:DA:0B:1B:61:B0:86:07:28:71:E1:8F:70:0E
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0195D6C9470F61DD74466D746B376BF9BEDE
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Wi2grpYaptoLG2GwhgcoceGPcA4.roa
Signing time: Thu 27 Mar 2025 08:47:49 +0000
ROA not before: Thu 27 Mar 2025 08:47:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 159.148.134.0/24 maxlen: 24
159.148.136.0/24 maxlen: 24
159.148.137.0/24 maxlen: 24
159.148.140.0/24 maxlen: 24
159.148.184.0/24 maxlen: 24
159.148.224.0/24 maxlen: 24
159.148.226.0/24 maxlen: 24
Validation: Failed, unable to get local issuer certificate
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:d6:c9:47:0f:61:dd:74:46:6d:74:6b:37:6b:f9:be:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Mar 27 08:47:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5a2da0ae961aa6da0b1b61b086072871e18f700e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:33:cf:19:b5:e1:24:bf:c8:39:dc:c1:d9:c9:
c0:bf:a2:e9:43:cf:3a:08:76:22:30:d4:ce:a0:ff:
0b:06:44:aa:37:0c:11:d4:22:75:bd:0c:f4:a7:8d:
0f:dc:95:3b:c0:91:09:41:9b:db:06:15:72:a3:61:
0f:37:47:7e:12:94:6e:59:ed:39:b6:7a:1a:f1:6b:
36:67:6d:31:03:ee:d7:97:31:5c:af:2e:2d:9a:6c:
a2:91:9e:73:2c:05:cb:95:8f:11:fe:0a:1d:17:b8:
9c:a0:eb:b0:88:1a:57:56:09:fe:ae:5e:27:32:e0:
ae:f8:8a:35:2d:d9:66:da:5c:aa:de:e2:c5:7a:d1:
ad:9a:8e:23:9d:99:55:ad:f1:e6:50:1f:00:c5:7d:
c3:8c:8c:d2:79:0b:fe:6d:29:48:ef:d4:ae:39:d8:
aa:88:b2:32:ac:86:fc:8d:7b:29:dc:0c:de:cb:a0:
4a:14:01:28:03:d7:e1:10:08:04:67:7a:1f:f3:90:
86:32:34:77:1b:09:f8:99:56:19:bc:aa:65:e8:79:
f9:88:9d:77:b0:5a:37:95:69:80:c7:30:2f:51:95:
21:bd:f6:7a:67:c7:80:8e:b9:bd:be:25:9a:15:22:
1c:18:9f:d4:55:31:9c:91:91:ae:99:16:c2:41:cc:
ae:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:2D:A0:AE:96:1A:A6:DA:0B:1B:61:B0:86:07:28:71:E1:8F:70:0E
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/Wi2grpYaptoLG2GwhgcoceGPcA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.148.134.0/24
159.148.136.0/23
159.148.140.0/24
159.148.184.0/24
159.148.224.0/24
159.148.226.0/24
Signature Algorithm: sha256WithRSAEncryption
04:34:1a:f4:f3:e0:13:b3:aa:98:1d:d1:97:e4:2a:17:4e:99:
dc:f6:5b:70:12:f5:2a:9c:ab:f5:6e:11:97:6b:ab:f5:c9:d8:
b8:86:ec:26:5a:d6:bd:2b:39:bf:f9:4c:96:12:c3:b3:77:1b:
02:f8:87:81:18:25:70:28:46:cf:a1:d5:9c:e0:96:7b:3d:93:
2d:70:4b:d3:3a:0f:01:ea:b0:08:05:fa:4b:ed:3b:ae:20:3c:
f9:ad:0a:f1:63:13:99:97:ef:6f:d0:b5:b7:5b:1c:35:9f:55:
70:8d:8b:f2:9c:e8:dc:fd:41:6d:82:68:5f:49:0c:5c:e8:be:
99:f3:7c:3a:f9:0f:a7:04:21:7e:8a:9e:08:67:0f:8e:a6:d0:
88:ec:81:6b:69:06:c7:4f:93:ec:50:74:e3:6c:17:f9:2a:75:
b3:7f:05:e2:b5:0a:bf:45:ac:2a:b4:d5:98:d8:a5:c3:ec:0e:
32:1f:e4:92:51:cf:ac:fd:cf:0d:58:14:80:50:a5:9a:cd:8b:
f4:60:d3:a1:cf:cb:a7:81:70:bc:24:03:bb:aa:34:38:5c:a0:
fc:a6:7f:b4:72:bf:a4:a0:44:45:e6:4d:09:26:04:32:50:5f:
ed:fe:84:45:07:70:cb:e8:c6:ed:27:65:53:5b:af:f7:41:5d:
3b:11:c2:9d
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZXWyUcPYd10Rm10azdr+b7eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwMzI3MDg0NzQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YTJkYTBhZTk2MWFhNmRhMGIxYjYxYjA4NjA3Mjg3MWUxOGY3MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTPPGbXhJL/IOdzB2cnAv6LpQ886
CHYiMNTOoP8LBkSqNwwR1CJ1vQz0p40P3JU7wJEJQZvbBhVyo2EPN0d+EpRuWe05
tnoa8Ws2Z20xA+7XlzFcry4tmmyikZ5zLAXLlY8R/godF7icoOuwiBpXVgn+rl4n
MuCu+Io1Ldlm2lyq3uLFetGtmo4jnZlVrfHmUB8AxX3DjIzSeQv+bSlI79SuOdiq
iLIyrIb8jXsp3Azey6BKFAEoA9fhEAgEZ3of85CGMjR3Gwn4mVYZvKpl6Hn5iJ13
sFo3lWmAxzAvUZUhvfZ6Z8eAjrm9viWaFSIcGJ/UVTGckZGumRbCQcyu3wIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFFotoK6WGqbaCxthsIYHKHHhj3AOMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvV2kyZ3JwWWFwdG9MRzJHd2hnY29jZUdQY0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAn5SGAwQB
n5SIAwQAn5SMAwQAn5S4AwQAn5TgAwQAn5TiMA0GCSqGSIb3DQEBCwUAA4IBAQAE
NBr08+ATs6qYHdGX5CoXTpnc9ltwEvUqnKv1bhGXa6v1ydi4huwmWta9Kzm/+UyW
EsOzdxsC+IeBGCVwKEbPodWc4JZ7PZMtcEvTOg8B6rAIBfpL7TuuIDz5rQrxYxOZ
l+9v0LW3Wxw1n1VwjYvynOjc/UFtgmhfSQxc6L6Z83w6+Q+nBCF+ip4IZw+OptCI
7IFraQbHT5PsUHTjbBf5KnWzfwXitQq/RawqtNWY2KXD7A4yH+SSUc+s/c8NWBSA
UKWazYv0YNOhz8ungXC8JAO7qjQ4XKD8pn+0cr+koERF5k0JJgQyUF/t/oRFB3DL
6MbtJ2VTW6/3QV07EcKd
-----END CERTIFICATE-----
Generated at Sat Apr 5 11:16:45 2025 by rpki-client